I like the idea of a database per user. I thought about creating such a
database by Fauxton upon login, but that won't work if the user does not
have admin privileges, so I guess this is something that should be
implemented in Couch itself.
Unfortunately I can't make any contribution to this code wise, since I'm
not speaking Erlang :(
I'm also not sure if this would make it into 2.0, since it seems the
project goes into RC phase now. So how could we proceed on that?
Regards,
Markus
On 15.07.2016 11:23, Garren Smith wrote:
I was speaking to Jan about this in #couchdb-dev. He makes some very
important points:
+jan____> thing is, fauxton runs under the security context of the logged
in user
11:12 J<+jan____> so each user would need their own fauxton db
11:12 J<+jan____> or we bleed info
11:12 J<+jan____> or it is admin only
11:13 J<+jan____> but then, multiple admin accounts are possible, and
they’d share it
11:13 J<+jan____> I wonder if a browser-local PouchDB instance is the
better option
A PouchDB instance might be better but then a user loses their info when
they change browsers. Otherwise Jan mentioned a db-per-user which could
also work really well.
On Fri, Jul 15, 2016 at 11:03 AM, Garren Smith <[email protected]> wrote:
Markus, good points. I'm definitely +1 for the idea. Like Samuel says,
storing notifications would be excellent. It would definitely allow us to
improve the user experience.
Cheers
Garren
On Fri, Jul 15, 2016 at 8:45 AM, Samuel Kidman <[email protected]>
wrote:
It would be nice to store notifications in such a database. Admins could
then see which actions have been undertaken through fauxton and by whom.
On 15 July 2016 at 06:25, Markus Fischböck <[email protected]>
wrote:
Hi Garren,
I guess that depends on how sensitive the data in there would be. It's
not
planned to store any passwords for remote servers, so the user would
need
to enter those upon each replication. So in the worst case a user would
only see bookmarked databases on a remote server but would not be able
to
access them. Given the fact that the same behavior is present on a local
machine I would assume this to be OK.
From what I can tell with my limited knowledge of the internals it's
currently not possible to secure specific documents and would probably
cause some interference with replication as well.
So my solution would be to simply not store any sensitive there.
Regards,
Markus
On 14.07.2016 12:19, Garren Smith wrote:
Hi Markus,
I like the idea of a Fauxton system database. I think we could store
some
useful things in there. But how would we manage security and
permissions
on
the database?
Would one user be able to see bookmarks for another use when viewing
that
database?
Cheers
Garren
On Tue, Jul 12, 2016 at 9:54 PM, Markus Fischböck <
[email protected]
wrote:
Hi everyone!
I'm currently working on a new replicator add-on for the Fauxton UI.
One
of the features I'd like to implement is a bookmark manager where a
user
can create and save bookmarks in order to have them for quick access,
when selecting hosts/databases during replication. This saves the user
the hastle to remember the full URL to any source/target database
he/she
want's to replicate from.
I had a discussion lately with Robert Kowalski where to store those
bookmarks and I had a couple of ideas in mind:
a) Saving the bookmarks on the local storage of the browser => this is
the least desired option, since the bookmarks would only be available
on
the current browser.
b) Saving the bookmarks in the users document in the _user Database =>
Not really nice, since we would pollute the user object with data from
Fauxton. I guess it's not supposed to work that way.
c) Having a fauxton related system database (e.g. _fauxton) where we
can
store UI related data. For now this would be bookmarks, but could come
in handy for other purposes like UI settings and that a like.
I wanted to ask, if it would be possible (and desireable) to add such
a
system database for the Fauxton project.
Kind Regards,
Markus
